I’m not a fan of the new design.

The old design was much better, in my opinion. It had a lot more information on it and I could see what was going on at a glance (e.g., how many people were online). The new one is just… bleh https:/ ...

Continue Reading
API security is a top-of-mind topic for CISOs and developers alike.

We’re seeing an increase in API security maturity across the board. More organizations are taking steps to secure their APIs, but we need more action on the supply chain side of things as well as tr ...

Continue Reading
I was wrong.

I’m not sure what I expected, but it wasn’t this. The book is a collection of short stories that are all about the same thing: people who have been affected by some sort of paranormal experience and ...

Continue Reading
The book is a great introduction to OAuth 2.

0 and OpenID Connect for developers who want to learn the concepts quickly. In less than 80 pages you will gain an overview of the capabilities of OAuth. You will learn the core concepts of OAuth. You ...

Continue Reading
The Internet is a dangerous place.

The internet has become an integral part of our lives, and we use it for everything from shopping to socializing. However, the internet can be a very dangerous place if you?re not careful. There are m ...

Continue Reading
AppSync has a built-in security model that allows you to define fine-grained access control rules for your GraphQL APIs.

You can use the Amplify Transform @auth directive in your schema definitions to easily create authorization rules and add additional authorization modes. GraphQL Security with AWS AppSync and Amplify ...

Continue Reading
SAST tools are not designed for API-centric applications and as such will produce inaccurate results.

API Security is a “black box” problem that requires human analysis The second major challenge with SAST is that it operates in a black box fashion, meaning the tool has no visibility into what happ ...

Continue Reading
I’m a security researcher and I’ve been working in the field for over 10 years.

My research has led to many high-profile bug disclosures, including: CVE-2014-6271 (Shellshock), CVE-2015-0235 (Ghost), and CVE-2016–5195 (Dirty COW). I also work on improving software security by f ...

Continue Reading

Back to Main

Subscribe for the latest news: